[German]The Credit Scores of Millions of Americans has been exposed via a faulty API of credit reporting company Experian, as Krebs on Security reported here. A name and an email address was sufficient, to snoop into the credit score of tens of millions of Americans. Although Experian says it has plugged the data leak, the security expert who has uncovered this leak, fears, that other lending websites, who are using this API are still suffering from thes vulnerability.
Also Threadpost has covered the privacy issues revealed by student Bill Demirkapi via the following tweet.
The Experian Connect API, allows lenders to automate FICO-score queries. Threadpost writes, that Bill Demirkapi, at Rochester Institute of Technology, was shopping for student loans when he found a lender that would check his eligibility with just a name, address and date of birth. More details about that case may be read at Krebs on Security. According to Wikipedia, Experian has been hit of a constant stream of data breaches in 2015, 2012 and 2021. More Details may be read at Krebs on Security's reported here.
Cookies helps to fund this blog: Cookie settings